This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/b73b0b-7c0c-448a-8bcc-35cc214dea81/1/3XafC-hCOUFM-jug0_ev9kB4vuA.roa File: 3XafC-hCOUFM-jug0_ev9kB4vuA.roa (raw, json) Hash identifier: 7RiXYE5RDt0HSD+dkuTgOowiXviIVVlANZQyHAo4qDs= Subject key identifier: DD:76:9F:0B:E8:42:39:41:4C:FA:3B:A0:D3:F7:AF:F6:40:78:BE:E0 Certificate issuer: /CN=583ee3c2ec4a19025c0392ad1ee6a4641bcdd0c8 Certificate serial: 019B77C73416D64B25978A8E8976634672B4 Authority key identifier: 58:3E:E3:C2:EC:4A:19:02:5C:03:92:AD:1E:E6:A4:64:1B:CD:D0:C8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WD7jwuxKGQJcA5KtHuakZBvN0Mg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/b73b0b-7c0c-448a-8bcc-35cc214dea81/1/3XafC-hCOUFM-jug0_ev9kB4vuA.roa Signing time: Thu 01 Jan 2026 04:18:22 +0000 ROA not before: Thu 01 Jan 2026 04:18:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59874 IP address blocks: 185.68.36.0/24 maxlen: 24 185.68.37.0/24 maxlen: 24 185.68.38.0/24 maxlen: 24 185.68.39.0/24 maxlen: 24 2a05:1580:10::/48 maxlen: 48 2a05:1580:11::/48 maxlen: 48 2a05:1580:12::/48 maxlen: 48 2a05:1580:13::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/b73b0b-7c0c-448a-8bcc-35cc214dea81/1/WD7jwuxKGQJcA5KtHuakZBvN0Mg.crl rsync://rpki.ripe.net/repository/DEFAULT/32/b73b0b-7c0c-448a-8bcc-35cc214dea81/1/WD7jwuxKGQJcA5KtHuakZBvN0Mg.mft rsync://rpki.ripe.net/repository/DEFAULT/WD7jwuxKGQJcA5KtHuakZBvN0Mg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:34:16:d6:4b:25:97:8a:8e:89:76:63:46:72:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=583ee3c2ec4a19025c0392ad1ee6a4641bcdd0c8 Validity Not Before: Jan 1 04:18:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dd769f0be84239414cfa3ba0d3f7aff64078bee0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:2b:ec:0b:12:06:7a:d1:91:15:0e:6f:10:4f: a5:f9:cc:5a:29:d9:7e:92:f9:57:4c:a7:4c:f1:f3: fc:ad:6c:0a:eb:47:57:5a:55:9b:b7:61:88:c9:f2: 7f:07:48:bb:6b:5b:58:bd:2a:d5:74:72:a0:78:66: b3:81:1d:36:99:78:57:dc:36:8c:20:c8:f0:a9:8d: 06:71:69:31:af:4e:50:b3:f8:6d:61:73:f6:d3:cd: c9:40:11:a4:a7:ee:aa:e5:dd:5a:78:17:ff:1f:e0: ea:d0:3a:93:8e:88:b3:d6:fb:e2:0f:72:13:bd:70: 3f:a1:c2:31:d3:88:93:19:42:5d:48:42:e3:85:5d: c1:c3:be:15:34:47:bd:fc:b4:42:2c:c4:c5:d6:5c: c1:54:b1:00:29:93:cd:b2:31:88:f9:24:3c:cc:59: 55:f4:61:0b:33:06:0f:f2:8a:7c:15:4e:c3:8b:2c: bb:08:05:b7:d0:fc:ac:4e:60:fb:92:14:fe:cd:46: b8:b1:d9:27:34:2a:56:b6:90:dc:d2:50:25:f4:22: d3:b5:ca:a9:f1:9c:92:98:1b:f1:65:7f:c0:e9:bf: 09:40:0d:ed:02:8c:51:6b:20:d3:0f:75:70:20:7f: 99:57:40:24:e2:49:13:bd:a9:92:d5:f1:04:a9:d1: 35:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:76:9F:0B:E8:42:39:41:4C:FA:3B:A0:D3:F7:AF:F6:40:78:BE:E0 X509v3 Authority Key Identifier: keyid:58:3E:E3:C2:EC:4A:19:02:5C:03:92:AD:1E:E6:A4:64:1B:CD:D0:C8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WD7jwuxKGQJcA5KtHuakZBvN0Mg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/b73b0b-7c0c-448a-8bcc-35cc214dea81/1/3XafC-hCOUFM-jug0_ev9kB4vuA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/32/b73b0b-7c0c-448a-8bcc-35cc214dea81/1/WD7jwuxKGQJcA5KtHuakZBvN0Mg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.68.36.0/22 IPv6: 2a05:1580:10::/46 Signature Algorithm: sha256WithRSAEncryption d3:5d:15:19:10:f2:d3:60:54:9a:cb:8f:f8:39:04:51:0b:46: 71:4d:5f:d7:30:29:79:20:88:5c:47:c0:66:e1:fd:cc:5e:7f: 5c:0c:51:75:1a:82:1f:f8:77:45:0a:81:1a:06:26:9a:ea:0f: 5d:6b:ca:3d:7c:3e:e0:15:21:81:7a:8f:2d:88:ef:92:55:35: 21:c8:6c:45:7d:e8:63:1b:d5:27:ed:d2:44:2f:a1:c3:78:a4: 27:b6:3a:94:87:62:3a:6b:d3:33:19:5e:40:99:e3:77:49:b7: a6:e2:0b:77:3c:79:5f:8e:a8:fc:2f:8e:77:a3:41:08:c1:b7: 12:de:b2:4f:f5:99:65:49:be:e9:7e:10:df:ab:66:70:bc:18: c6:5f:8f:c5:28:b8:1c:0d:10:32:df:b5:5f:7a:41:ec:d4:93: 43:5b:7b:10:8d:60:a4:62:8f:d8:e3:ec:18:36:e1:6a:ee:2f: b3:43:c0:94:0b:02:2e:3d:5b:79:53:0f:5e:bd:c8:b5:21:08: af:de:77:6f:1d:84:b6:40:db:6f:81:1d:08:11:38:a5:5a:c1: 31:17:cf:ec:f2:b5:33:75:0c:2e:f8:57:f0:dc:0b:21:4c:6b: f0:33:6e:51:4f:c5:53:c7:a6:17:6f:f2:64:d5:6a:80:59:a5: d6:f9:e4:e3 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt3xzQW1ksll4qOiXZjRnK0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU4M2VlM2MyZWM0YTE5MDI1YzAzOTJhZDFlZTZhNDY0MWJj ZGQwYzgwHhcNMjYwMTAxMDQxODIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZDc2OWYwYmU4NDIzOTQxNGNmYTNiYTBkM2Y3YWZmNjQwNzhiZWUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5CvsCxIGetGRFQ5vEE+l+cxaKdl+ kvlXTKdM8fP8rWwK60dXWlWbt2GIyfJ/B0i7a1tYvSrVdHKgeGazgR02mXhX3DaM IMjwqY0GcWkxr05Qs/htYXP2083JQBGkp+6q5d1aeBf/H+Dq0DqTjoiz1vviD3IT vXA/ocIx04iTGUJdSELjhV3Bw74VNEe9/LRCLMTF1lzBVLEAKZPNsjGI+SQ8zFlV 9GELMwYP8op8FU7Diyy7CAW30PysTmD7khT+zUa4sdknNCpWtpDc0lAl9CLTtcqp 8ZySmBvxZX/A6b8JQA3tAoxRayDTD3VwIH+ZV0Ak4kkTvamS1fEEqdE19QIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFN12nwvoQjlBTPo7oNP3r/ZAeL7gMB8GA1UdIwQY MBaAFFg+48LsShkCXAOSrR7mpGQbzdDIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV0Q3and1eEtHUUpjQTVLdEh1YWtaQnZOME1nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9iNzNiMGItN2MwYy00NDhhLThiY2Mt MzVjYzIxNGRlYTgxLzEvM1hhZkMtaENPVUZNLWp1ZzBfZXY5a0I0dnVBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMi9iNzNiMGItN2MwYy00NDhhLThiY2MtMzVjYzIxNGRlYTgx LzEvV0Q3and1eEtHUUpjQTVLdEh1YWtaQnZOME1nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuUQkMA8E AgACMAkDBwIqBRWAABAwDQYJKoZIhvcNAQELBQADggEBANNdFRkQ8tNgVJrLj/g5 BFELRnFNX9cwKXkgiFxHwGbh/cxef1wMUXUagh/4d0UKgRoGJprqD11ryj18PuAV IYF6jy2I75JVNSHIbEV96GMb1Sft0kQvocN4pCe2OpSHYjpr0zMZXkCZ43dJt6bi C3c8eV+OqPwvjnejQQjBtxLesk/1mWVJvul+EN+rZnC8GMZfj8UouBwNEDLftV96 QezUk0NbexCNYKRij9jj7Bg24WruL7NDwJQLAi49W3lTD169yLUhCK/ed28dhLZA 22+BHQgROKVawTEXz+zytTN1DC74V/DcCyFMa/AzblFPxVPHphdv8mTVaoBZpdb5 5OM= -----END CERTIFICATE-----Generated at Tue Feb 10 04:14:39 2026 by rpki-client